Mercurial > vim
view src/dlldata.c @ 33863:3b8089d550eb v9.0.2141
patch 9.0.2141: [security]: buffer-overflow in suggest_trie_walk
Commit: https://github.com/vim/vim/commit/0fb375aae608d7306b4baf9c1f906961f32e2abf
Author: Christian Brabandt <cb@256bit.org>
Date: Wed Nov 29 10:23:39 2023 +0100
patch 9.0.2141: [security]: buffer-overflow in suggest_trie_walk
Problem: [security]: buffer-overflow in suggest_trie_walk
Solution: Check n before using it as index into byts array
Basically, n as an index into the byts array, can point to beyond the byts
array. So let's double check, that n is within the expected range after
incrementing it from sp->ts_curi and bail out if it would be invalid.
Reported by @henices, thanks!
Signed-off-by: Christian Brabandt <cb@256bit.org>
author | Christian Brabandt <cb@256bit.org> |
---|---|
date | Sun, 10 Dec 2023 15:16:03 +0100 |
parents | 3fc0f57ecb91 |
children |
line wrap: on
line source
/********************************************************* DllData file -- generated by MIDL compiler DO NOT ALTER THIS FILE This file is regenerated by MIDL on every IDL file compile. To completely reconstruct this file, delete it and rerun MIDL on all the IDL files in this DLL, specifying this file for the /dlldata command line option *********************************************************/ #define PROXY_DELEGATION #include <rpcproxy.h> #ifdef __cplusplus extern "C" { #endif EXTERN_PROXY_FILE( if_ole ) PROXYFILE_LIST_START /* Start of list */ REFERENCE_PROXY_FILE( if_ole ), /* End of list */ PROXYFILE_LIST_END DLLDATA_ROUTINES( aProxyFileList, GET_DLL_CLSID ) #ifdef __cplusplus } /*extern "C" */ #endif /* end of generated dlldata file */